General
-
Target
a165070adc80da2b3081a938feeee689554eee212486cddd58a29870b4baabe0
-
Size
3.8MB
-
Sample
240524-ecl43sbh97
-
MD5
05612ea40457810288d8a6c2fef7f0cf
-
SHA1
9151ce2aef44d31061f9019ae1574d8e3cf61aef
-
SHA256
a165070adc80da2b3081a938feeee689554eee212486cddd58a29870b4baabe0
-
SHA512
d6d7ddfa53dbd844412a29fc82b4f3990b5ab023cd8d72e7754b0a69a8392f493e0dcde429ab4a0e3f722b41c8aab28e2b7b2d02335148914d2c165a8bfb71e7
-
SSDEEP
98304:KEjlmQbfgSgwvSnN4iVJui0xdRoM5XBHsdqe:KEjgQPXqOvWdqe
Behavioral task
behavioral1
Sample
a165070adc80da2b3081a938feeee689554eee212486cddd58a29870b4baabe0.exe
Resource
win7-20240508-en
Behavioral task
behavioral2
Sample
a165070adc80da2b3081a938feeee689554eee212486cddd58a29870b4baabe0.exe
Resource
win10v2004-20240508-en
Malware Config
Extracted
gozi
Targets
Score
7/10
-
Loads dropped DLL
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Writes to the Master Boot Record (MBR)
Bootkits write to the MBR to gain persistence at a level below the operating system.
-